Get started
Bring yourself up to speed with our introductory content.
SOX Compliance for the Security Practitioner
This collection of resources offers security managers in-depth information to help keep their organization compliant with the Sarbanes-Oxley (SOX) Act. Learn how security practitioners are handling SOX compliance, financial woes, internal controls, auditing, steps for achieving compliance, avoiding product hype.
This collection of resources offers security practitioners tips and strategies for keeping their organizations...
Continue Reading This Article
Enjoy this article as well as all of our content, including E-Guides, news, tips and more.
Step 2 of 2:
compliant with the ongoing demands of the Sarbanes-Oxley Act. Learn how other security practitioners are handling SOX compliance, financial woes, internal controls, auditing, steps for achieving compliance, avoiding product hype and what happens when you don't comply. Send us an e-mail to let us know what other guides you'd like to see on SearchSecurity.com.
To keep this Web page open as you're perusing this guide, right click on the links and select "Open in New Window."
TABLE OF CONTENTS
Introduction to SOX compliance
SOX in the enterprise
Compliance costs
Internal controls and section 404
Steps for compliance
Audit preparation
SOX compliance product guide
The bottom line: Violations and repercussions
More security learning resources
Free security IT downloads
 Introduction to SOX compliance |
 Return to Table of Contents |
- Glossary Definition: Sarbanes-Oxley Act
- Glossary Definition: Compliance
- Glossary Definition: Chief Compliance Officer
- Glossary Definition: Security audit
- Article: Key points of Sarbanes-Oxley
- Article: Experts: Better prepare for the regulations to come
- Column: Compliance 2.0
- Tip: SOX: Now the real dirty work begins
| SOX in the enterprise |
Return to Table of Contents |
- Article: SOX: New rules for year two
- Article: Five compliance questions to ask your CEO
- Article: Former SEC chair is SOX fan -- with exceptions
- Commentary: Why companies still struggle with compliance
- Tip: The real deal with Sarbanes-Oxley: Perspectives for the security manager
- Tip: What more is there to say about SOX?
- Tip: A SOX army of one: How to spearhead compliance efforts
| Compliance costs |
Return to Table of Contents |
- Article: SOX compliance costing companies big time
- Article: Big brother's watchful eye
- Article: Regulations bite into the bottom line -- but for how long?
- Article: Survey sheds light on SOX spending
- Article: Layer 8: Darned SOX
- Article: The cost of privacy safeguards
- Article: How privacy costs impact infrastructure
- Tip: Companies cry 'uncle' as compliance deadlines near
| Internal controls and section 404 |
Return to Table of Contents |
- Article: SEC: 404 budgets filled with waste
- Article: Regulatory compliance in the real world
- Tip: SOX 404 compliance: Efficiency is key
- Tip: Keeping SOX 404 under control(s)
- Expert advice: Does SOX (under Section 404) mandate that we archive e-mail?
- Expert Advice: Defining "internal controls" under Sarbanes-Oxley
| Steps for compliance |
Return to Table of Contents |
- Article: Sarbanes-Oxley Act: Steps toward coming into compliance
- Tip: Five steps for SOX compliance
- Tip: Getting compliance right
- Tip: Getting your regulatory priorities in order
- Tip: Complying with multiple regulations and contending with conflicts
- Tip: Does your organization need a CCO?
- Tip: Best practices for managing compliance with security standards
- Book Chapter: Ensure that legal responsibilities are clear -- Especially when trouble strikes
- Conference Presentation: The 5 pillars of successful compliance
- Conference Presentation: Standards-based compliance: A how-to guide
| Audit preparation |
Return to Table of Contents |
- Article: Reporter's Notebook: Why failing an audit can lead to success
- Article: Active Directory getting critical look from regulators
- Article: Cheat sheet: 10 ways to prep for auditors
- Article: Risk management for dummies
- Article: Report: IT shops lax about logging
- Tip: The future role of the CISO: Keeping auditors at bay
- Tip: Best practices for choosing an outside IT auditor
- Tip: Best practices for managing compliance with security standards
- Tip: Passing a SOX audit: Lessons learned from an information security professional
- Conference Presentation: Define security's role in the regulatory process
- Conference Presentation: Standards-based compliance: A how-to guide
| SOX compliance product guide |
Return to Table of Contents |
- Tip: SOX-in-a-box: One size does not fit all when it comes to compliance
- Advice: Log analyzer software
- Review: Elemental Compliance System 1.1 innovative, solid
- Review: Polivec Compliance Management System 3.7
- Conference Presentation: Separating fact from fiction: Security technologies for regulatory compliance
| The bottom line: Violations and repercussions |
Return to Table of Contents |
- Article: 'Typical' SOX violations
- Tip: Will the 'regulatory police' be knocking on your door?
- Tip: A closer look at Sarbanes-Oxley violations
- Advice: Examples of Sarbanes-Oxley violations
| More security learning resources |
| SECURITY SCHOOL | LEARNING GUIDES | CHECKLISTS | GLOSSARY | ASK THE EXPERTS | ||||||
This was last published in November 2005
